<%@ page import="com.eva.framework.dbpool.DBShell,
	java.util.Vector,
	java.util.Date,
	java.util.regex.Matcher,
	java.util.regex.Pattern,
	com.eva.epc.common.util.CommonUtils"
%>
<%
request.setCharacterEncoding("UTF-8");

String path = request.getContextPath();
String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";

String idOrMail = request.getParameter("idOrMail"); 
String verificationCode = request.getParameter("verificationCode"); 
String loginPsw = request.getParameter("loginPsw"); 

DBShell db = new DBShell();
Vector sqls = new Vector(2);
Vector values = new Vector(2);

int resultCode;

/*String str = "^([a-zA-Z0-9_\\-\\.]+)@((\\[[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.)|(([a-zA-Z0-9\\-]+\\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\\]?)$";
Pattern p = Pattern.compile(str);
Matcher m = p.matcher(idOrMail);*/

String codeSql = "";

// 根据连接数据库的不同使用各自数据库专用的日期时间计算函数
String datediffFunction = "";
if(DBShell.isSQLServer())
	datediffFunction = "datediff(mi,verification_time,getdate())";
else if(DBShell.isMySQL())
	datediffFunction = "timestampdiff(MINUTE,verification_time,now())";

//if(m.matches())
if(CommonUtils.isEmail(idOrMail))
	codeSql= "SELECT "+datediffFunction+" FROM missu_users where user_mail='" + idOrMail + "'";
else
	codeSql= "SELECT "+datediffFunction+" FROM missu_users where user_uid='" + idOrMail + "'";
String result = db.querySingleItem(codeSql);
if(result != null)
{
	int time = Integer.parseInt(result);
	if(time >= 0 && time <= 30)
	{
		sqls.add("UPDATE missu_users SET user_psw=? WHERE (user_uid=? or user_mail=?) AND verification_code=?");
		values.add(new Object[] { CommonUtils.encyptPassword(loginPsw, ""), idOrMail, idOrMail, verificationCode});
		boolean res = db.update(sqls, values, true);
		//0为修改成功,-1为修改失败(提交数据不准确)
		resultCode = res ? 0 : -1;
	}
	else
		//修改请求已超时
		resultCode = -2;
}
else
{
	//没有修改密码请求
	resultCode = -3;
}

response.setStatus(301);
response.setHeader("Location",basePath+"view/result.jsp?result=" + resultCode);
response.setHeader("Connection", "close");
%>